CNNVD-202512-3926 Information
CNNVD ID
CNNVD-202512-3926
Related CVE
- CNNVD Published: 2025-12-22
Description (Chinese)
webTareas是luiswang个人开发者的一款基于Web的开源协作工具。该产品支持项目管理、错误跟踪、内容管理和会议管理等功能。 webTareas 2.4版本存在代码问题漏洞,该漏洞源于文件上传功能可能导致任意PHP文件执行。
Description (English)
WebTareas is a Web-based open-source collaboration tool for Luiswang personal developers. The product supports functions such as project management, error tracking, content management and conference management. There is a code gap in version 2.4 of WebTareas, which stems from the fact that the upload function of the document may lead to the execution of any PHP file.
Hazard Level
Medium
Vulnerability Type
代码问题
Affected Vendor
个人开发者
Published
2025-12-22
Last Modified
2026-02-24
References
https://www.vulncheck.com/advisories/webtareas-authenticated-remote-code-execution-via-file-upload https://www.exploit-db.com/exploits/51089 https://sourceforge.net/projects/webtareas/ https://access.redhat.com/security/cve/cve-2023-53971
Patch
https://sourceforge.net/projects/webtareas/
Share on: